Microsoft Azure Active Directory (AAD)

This object allows for the use of Microsoft AAD as an identity provider for accessing Dremio.

Identity Provider Object

{
    "type": "AZURE_AD",
    "id": "acd23077-263a-4277-b5f6-926b1983c9de",
    "isActive": true,
    "domain": "dremio.onmicrosoft.com",
    "clientID": "e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff",
    "clientSecret": null
}

Identity Provider Attributes

type

String

The type of identity provider. For Microsoft AAD, this attribute value will always be AZURE-AD.

---

id

String (UUID)

The UUID to identify the identity provider.

Example acd23077-263a-4277-b5f6-926b1983c9de

---

isActive

boolean

Set to true if the identity provider is configured and enabled. Otherwise displays as false.

Example true

---

domain

String

The domain of your Azure AD account in the Azure portal.

Example dremio.onmicrosoft.com

---

clientID

String

The client ID or application ID of your registered Dremio application on the Azure portal.

Example e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff

---

clientSecret

String

The client secret of your registered Dremio application on the Azure portal.

Example The client secret is not shown in the object and so the value is returned as `null`

---

Adding Microsoft AAD

Add Microsoft AAD as an identity provider. After adding an IdP, activate it using the associated endpoint.

Adding Microsoft AAD

POST /v0/identity-providers

Parameters

type

body

String

The type of identity provider. For Microsoft AAD, this attribute value will always be AZURE-AD.

---

isActive

body

boolean

Optional

Set to false to add Microsoft AAD as an identity provider.

---

domain

body

String

The domain for your Microsoft AAD account in the Azure portal.

---

clientID

body

String

The client ID or application ID of your registered Dremio application on the Azure portal.

---

clientSecret

body

String

The client secret of your registered Dremio application on the Azure portal.

note

For information on how to get the domain, client ID, and client secret from the Azure portal, see required Azure AD properties.

note

After adding an IdP, activate it using the associated endpoint.

Example Request

curl -X POST 'https://api.dremio.cloud/v0/identity-providers/' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json' \
-d '{
    "type": "AZURE_AD",
    "isActive": "false",
    "domain": "dremio.onmicrosoft.com",
    "clientID": "e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff",
    "clientSecret": "aaAaA_a1aA1A_A1aaa_1a~aaA1_A11-AA1"
}'

Example Response

{
    "id": "acd23077-263a-4277-b5f6-926b1983c9de"
}

Responses

200

Identity Provider added successfully

400

Bad input parameter

---

Retrieving Microsoft AAD

Get the metadata for Microsoft AAD by providing the identity provider ID that was returned on creation.

Retrieving Microsoft AAD

GET /v0/identity-providers/{id}

Parameters

id

path

String

The ID of the Microsoft AAD identity provider for which you want to retrieve metadata.

Example Request

curl -X GET 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'

Example Response

{
    "type": "AZURE_AD",
    "id": "acd23077-263a-4277-b5f6-926b1983c9de",
    "isActive": true,
    "domain": "dremio.onmicrosoft.com",
    "clientID": "e1cec408-4c58-4283-9b9b-9ec6a6e96f83",
    "clientSecret": null
}

Responses

200

Identity Provider returned successfully

400

Bad input parameter

---

Activating Microsoft AAD

Activate Microsoft AAD as an identity provider, once configured. This will show Microsoft AAD as an option to users on the Dremio Cloud login page.

Activating Microsoft AAD

POST /v0/identity-providers/{id}/activate

Parameters

id

path

String

The ID of the identity provider that you want to activate.

Example Request

curl -X POST 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de/activate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'

Example Response

No response

Responses

200

Identity Provider activated successfully

400

Bad input parameter

---

Deactivating Microsoft AAD

Deactivate Microsoft AAD. The Microsoft AAD option will no longer be available to users for authentication to Dremio Cloud and it will not be shown on the login page.

Deactivating Microsoft AAD

POST /v0/identity-providers/{id}/deactivate

Parameters

id

path

String

The ID of the identity provider that you want to deactivate.

Example Request

curl -X POST 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de/deactivate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'

Example Response

No response

Responses

200

Identity Provider deactivated successfully

400

Bad input parameter

---

Deleting Microsoft AAD

Delete Microsoft AAD.

Deleting Microsoft AAD

DELETE /v0/identity-providers/{id}

Parameters

id

path

String

The ID of the identity provider that you want to delete.

Example Request

curl -X DELETE 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'

Example Response

No response

Responses

200

Identity Provider deleted successfully

400

Bad input parameter

---